Number of Malvertising attacks are appeared to be increasing
day by day, even top websites fall victim to such kind of attacks - YouTube is
to be the latest popular organization affected by malicious ads.

Security experts from Bromium have discovered that the cyber
criminals were distributing a malware via YouTube ads.

According to researchers,
malicious ads attempt to exploit vulnerabilities in outdated Java. It loads different malicious jar file, to
ensure the exploit is compatible with the installed java version.

The Exploit kit used in this attack "Styx Exploit
Kit" which was the same one used by cybercriminals to infect users of toy
maker Hasbro.com.

If the user's machine is having vulnerable plugins, it will
exploit the vulnerability and drops a Banking Trojan known as
"Caphaw". Researchers say they
are working with Google Security team.